
VOYAGER: Yet Another Secure Web Browser to Demonstrate Secure Socket Layer Working and Implementation

By: Shrinivas G. Deshpande
Advisor: Dr. Chung E. Wang
Second Reader: Prof. Richard Smith

Scope of the Project
• Study of Secure Socket Layer (SSL) Protocol
• SSL Handshake Protocol
• SSL Record Protocol
• Demonstrate how SSL can be used to make clients secure against a secure server
• Keys and Digital Certificates
• Role of Gateways in SSL communication

Voyager: Yet Another Secure Web 2


Requirement Specification
1. Introduction to SSL
   1. What is SSL and how SSL works
   2. Client and Server Authentication
   3. SSL Handshake Protocol
   4. SSL Record Protocol
2. Difference between http and https
   1. Demonstrated by developing a Browser that understands http and https.
3. Certificates and Digital Signatures
4. Role of Gateways in SSL communication



1. Difference between http and https
 http  https
 Stateless protocol  Session based
 Non secure connection protocol
 Non Secure Sockets  Secure connection
 Secure Sockets



2. Introduction to SSL
• SSL was developed by Netscape Communications
• SSL is accepted universally on the World Wide Web for AUTHENTICATED and ENCRYPTED communication between clients and servers
• The IETF standard called Transport Layer Security is based on SSL
• The SSL protocol runs above TCP/IP and below higher level protocols such as HTTP
• Uses TCP/IP to authenticate itself to an SSL-enabled client



What does SSL actually do?
• Fragments messages to be transmitted into manageable blocks
• Compresses the data
• Encrypts and transmits the data
• Received data is decrypted
• Verified, decompressed
• Reassembled and transmitted to higher layers

SSL in TCP/IP Protocol Stack



SSL Record Layer

• Receives uninterpreted data from upper layers
• Fragmentation / reassembly of data
• Compression / decompression of data
• Encryption / decryption and verification of data



SSL Handshake Protocol
• Maintains information about the current state and the next state, called the pending state
• Once the handshake is complete, the two parties have shared secrets used to encrypt records and compute keyed message authentication codes on their contents.
• Maintains the handshake state information of the client and server and ensures that the protocol state machines of client and server work consistently



SSL Record Protocol

• Receives uninterpreted data from upper layers
• Fragmentation / reassembly of data
• Compression / decompression of data
• Encryption / decryption and verification of data
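
The record-layer steps listed on the slides above (fragment, compress, protect, then verify, decompress and reassemble), as an added Java example that is not code from the Voyager project. It assumes HMAC-SHA1 as the keyed MAC and a simplified record layout, leaves the encryption step out, and uses hypothetical class and method names.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.io.*;
import java.nio.ByteBuffer;
import java.security.MessageDigest;
import java.util.*;
import java.util.zip.*;

// Added illustration: simplified framing (not the SSL wire format), encryption step omitted.
public class RecordLayerDemo {
    static final int MAX_FRAGMENT = 1 << 14; // a fragment carries at most 2^14 bytes
    static final int MAC_LEN = 20;           // HMAC-SHA1 output size
    static byte[] mac(byte[] key, long seq, byte[] body) throws Exception {
        Mac m = Mac.getInstance("HmacSHA1");
        m.init(new SecretKeySpec(key, "HmacSHA1"));
        m.update(ByteBuffer.allocate(8).putLong(seq).array()); // sequence number binds record order
        return m.doFinal(body);
    }
    static List<byte[]> send(byte[] data, byte[] key) throws Exception { // fragment, compress, MAC
        List<byte[]> records = new ArrayList<>();
        for (int off = 0, seq = 0; off < data.length; off += MAX_FRAGMENT, seq++) {
            ByteArrayOutputStream body = new ByteArrayOutputStream();
            try (DeflaterOutputStream z = new DeflaterOutputStream(body)) {
                z.write(data, off, Math.min(MAX_FRAGMENT, data.length - off));
            }
            byte[] c = body.toByteArray(), rec = Arrays.copyOf(c, c.length + MAC_LEN);
            System.arraycopy(mac(key, seq, c), 0, rec, c.length, MAC_LEN);
            records.add(rec);
        }
        return records;
    }
    static byte[] receive(List<byte[]> records, byte[] key) throws Exception { // verify, decompress, reassemble
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        long seq = 0;
        for (byte[] rec : records) {
            byte[] body = Arrays.copyOfRange(rec, 0, rec.length - MAC_LEN);
            byte[] tag = Arrays.copyOfRange(rec, rec.length - MAC_LEN, rec.length);
            if (!MessageDigest.isEqual(tag, mac(key, seq++, body))) throw new SecurityException("bad record MAC");
            out.write(new InflaterInputStream(new ByteArrayInputStream(body)).readAllBytes());
        }
        return out.toByteArray();
    }
    public static void main(String[] args) throws Exception {
        byte[] key = "constructed-demo-key".getBytes(), msg = new byte[40000]; // constructed input, 3 fragments
        List<byte[]> recs = send(msg, key);
        System.out.println(recs.size() + " records, intact: " + Arrays.equals(msg, receive(recs, key)));
        Collections.swap(recs, 0, 1); // a reordered stream must fail verification
        try { receive(recs, key); } catch (SecurityException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

Record compression is shown because the slides list it; TLS 1.3 removed it from the protocol.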



Design: Secure Library Class Diagram



http connection sequence diagram



https connection sequence diagram



How/Why Gateways use SSL
• SSL is designed to provide security between client and server and to avoid man-in-the-middle attacks
• SSL considers a proxy server as a middleman
• Gateways act as clients and authenticate servers. Client authentication is not possible.
• Gateway/proxy can internally authenticate the client within the firewall
• Packet filtering by allowing specific ports for specific traffic: 443 in the case of SSL
• SSL can work with gateways that support SOCKS. SOCKS is a networking proxy protocol that enables hosts on one side of a SOCKS server to gain full access to hosts on the other side of the SOCKS server without requiring direct IP reachability. SOCKS is often used as a network firewall, redirecting connection requests from hosts on opposite sides of a SOCKS server. The SOCKS server authenticates and authorizes requests, establishes a proxy connection, and relays data between hosts.



Gateways and SSL
• Proxy Server should support SOCKS to support SSL
• With SOCKS, DNS is the responsibility of the client
• With SSL tunneling, DNS is the responsibility of the proxy
• Proxy Server can spoof mock on behalf of internal client. Makes connection faster



Implementation Details
• Client/Server setup for development
   • Voyager Front-end: Developed using Java Swing. JRE: 1.3.1_02
   • Secure Library: Developed using Java and JSSE.
   • Testing: Running Apache Tomcat as a Secure Web Server on Local System on port #: 8443
• JSSE is the Java implementation of SSL developed by SUN
• Key/certificate generation
   • Key/certificate generation using Keytool
   • RSA algorithm used for key generation
   • X.509v3 certificates generated
   • Import/Export certificate to make certificate available for authentication
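
The setup described above, as an added Java example that is not Voyager's own code: a JSSE client that trusts only the certificate imported into its truststore and connects to the local Tomcat on port 8443. The store file names, alias, password and class name are placeholders, and the keytool commands in the comments use current option names.

```java
import javax.net.ssl.*;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.X509Certificate;

// Added illustration. Stores prepared beforehand with keytool (file names and alias are placeholders):
//   keytool -genkeypair -alias tomcat -keyalg RSA -dname "CN=localhost" -keystore server.keystore
//   keytool -exportcert -alias tomcat -keystore server.keystore -file server.cer
//   keytool -importcert -alias tomcat -file server.cer -keystore client.truststore
public class TrustedClientDemo {
    static SSLContext contextFor(String storePath, char[] password) throws Exception {
        KeyStore ts = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(storePath)) { ts.load(in, password); }
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ts);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null); // no client key: server authentication only
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        SSLContext ctx = contextFor("client.truststore", "changeit".toCharArray()); // placeholder password
        try (SSLSocket s = (SSLSocket) ctx.getSocketFactory().createSocket("localhost", 8443)) {
            SSLParameters p = s.getSSLParameters();
            p.setEndpointIdentificationAlgorithm("HTTPS"); // certificate name must match "localhost"
            s.setSSLParameters(p);
            s.startHandshake(); // throws SSLHandshakeException if the server certificate is not trusted
            SSLSession session = s.getSession();
            X509Certificate cert = (X509Certificate) session.getPeerCertificates()[0];
            System.out.println("protocol:       " + session.getProtocol());
            System.out.println("cipher suite:   " + session.getCipherSuite());
            System.out.println("server subject: " + cert.getSubjectX500Principal());
        }
    }
}
```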



Voyager Snapshots



Securely Accessing Tomcat Apache Default page through Voyager



Accessing Golden-1 web site through Voyager



Conclusion
• Opportunity to learn about network security
• How SSL works/implemented
• Setting up client servers for secure communications
• Thanks to Dr. Wang and Prof. Dick Smith
